SIPCORE O. Johansson Internet-Draft Edvina AB Intended status: Standards Track G. Salgueiro Expires: October 27, 2014 Cisco Systems April 25, 2014 Locating Session Initiation Protocol (SIP) Servers in a Dual-Stack IP Network draft-ietf-sipcore-dns-dual-stack-00 Abstract RFC 3263 defines how a Session Initiation Protocol (SIP) implementation, given a SIP Uniform Resource Identifier (URI), should locate the next hop SIP server using Domain Name System (DNS) procedures. As SIP networks increasingly transition from IPv4-only to dual-stack, a quality user experience must be ensured for dual- stack SIP implementations. This document supplements the DNS procedures described in RFC 3263 for dual-stack SIP implementations and ensures that they properly align to the optimizations detailed by Happy Eyeballs. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on October 27, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of Johansson & Salgueiro Expires October 27, 2014 [Page 1] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Notational Conventions . . . . . . . . . . . . . . . . . . . 3 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. DNS Procedures in a Dual-Stack Network . . . . . . . . . . . 4 4.1. Dual-Stack SIP UA DNS Record Lookup Procedure . . . . . . 4 4.2. Indicating Address Family Preference in DNS SRV Records . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 8.1. Normative References . . . . . . . . . . . . . . . . . . 6 8.2. Informative References . . . . . . . . . . . . . . . . . 6 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 6 1. Introduction The core SIP [RFC3261] RFCs were written with support for both IPv4 and IPv6 in mind, but they were not fully equipped to handle highly hybridized environments during this transitional phase of migration from IPv4 to IPv6 networks, where many server and client implementations run on dual-stack hosts. In such environments, a dual-stack host will likely suffer greater connection delay, and by extension an inferior user experience, than an IPv4-only host. The need to remedy this diminished performance of dual-stack hosts led to the development of the Happy Eyeballs [RFC6555] algorithm, which has since been implemented in many applications. RFC 6157[RFC6157] focuses on handling media in a dual-stack network path between two SIP user agents (UAs). This doesn't solve the signalling issues that can occur when trying to find the best network path to the next hop SIP server. [[TODO: Sync with Vijay Gurbani on impacts of this draft to RFC 6157, especially relative to the additional requirement that DNS be populated such that a certain address family is preferred.]] This document aims to provide a more holistic design solution by clarifying the DNS lookup procedures of RFC 3263[RFC3263] to ensure enhanced performance, and consequently user experience, in highly Johansson & Salgueiro Expires October 27, 2014 [Page 2] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 hybridized dual-stack SIP networks. The procedures described herein are such that a dual-stack client SHOULD look up both A and AAAA records in DNS and then select the best way to set up a network flow. The details of how the latter is done is considered out of scope for this document. See the Happy Eyeballs algorithm and implementation and design considerations in RFC 6555 [RFC6555] for more information about issues with setting up dual-stack network flows. 2. Notational Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 3. Terminology RFC 3261 [RFC3261] defines additional terms used in this document that are specific to the SIP domain such as "proxy"; "registrar"; "redirect server"; "user agent server" or "UAS"; "user agent client" or "UAC"; "back-to-back user agent" or "B2BUA"; "dialog"; "transaction"; "server transaction". This document uses the term "SIP Server" that is defined to include the following SIP entities: user agent server, registrar, redirect server, a SIP proxy in the role of user agent server, and a B2BUA in the role of a user agent server. This document also uses the following terminology to make clear distinction between SIP entities supporting only IPv4, only IPv6 or supporting both IPv4 and IPv6. IPv4-only UA/UAC/UAS: An IPv4-only UA/UAC/UAS supports SIP signaling and media only on the IPv4 network. It does not understand IPv6 addresses. IPv6-only UA/UAC/UAS: An IPv6-only UA/UAC/UAS supports SIP signaling and media only on the IPv6 network. It does not understand IPv4 addresses. IPv4/IPv6 UA/UAC/UAS: A UA/UAC/UAS that supports SIP signaling and media on both IPv4 and IPv6 networks; such a UA/UAC/UAS is known (and will be referred to in this document) as a "dual-stack" [RFC4213] UA/UAC/UAS. Johansson & Salgueiro Expires October 27, 2014 [Page 3] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 4. DNS Procedures in a Dual-Stack Network This specification introduces two normative DNS lookup procedures. These are designed to improve the performace of dual-stack clients in IPv4/IPv6 networks. 4.1. Dual-Stack SIP UA DNS Record Lookup Procedure Once the transport protocol has been determined, the procedure for discovering an ip address if the TARGET is not a numeric IP address but the port is explicitly stated in the URI, is detailed in Section 4.2 of RFC 3263[RFC3263]. The piece relevant to to this discussion is: "If the TARGET was not a numeric IP address, but a port is present in the URI, the client performs an A or AAAA record lookup of the domain name. The result will be a list of IP addresses, each of which can be contacted at the specific port from the URI and transport protocol determined previously." Section 4.2 of RFC 3263 [RFC3263] also goes on to describe the complete procedure for discovering an ip address if the TARGET is not a numeric IP address, and no port is present in the URI. The piece relevant to to this discussion is: "If no SRV records were found, the client performs an A or AAAA record lookup of the domain name. The result will be a list of IP addresses, each of which can be contacted using the transport protocol determined previously, at the default port for that transport. Processing then proceeds as described above for an explicit port once the A or AAAA records have been looked up." Happy Eyeballs [RFC6555] has proven that looking up the "A or AAAA record" is not an effective practice for dual-stack clients and that it can add significant connection delay and greatly degrade user experience. Therefore, this document makes the following normative addendum to the DNS lookup procedures of Section 4.2 of RFC 3263 [RFC3263] for IPv4/IPv6 hybrid SIP networks and recommends it as a best practice for such dual-stack networks: The dual-stack client SHOULD perform an A and AAAA record lookup of the domain name and add the respective IPv4/IPv6 addresses to the list of IP addresses to be contacted. Johansson & Salgueiro Expires October 27, 2014 [Page 4] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 4.2. Indicating Address Family Preference in DNS SRV Records The Happy Eyeballs algorithm [RFC6555] is particularly effective when dual-stack client applications have significant performance differences in their IPv4 or IPv6 network paths. In this common scenario it is often necessary for a dual-stack client to indicate a preference for either IPv4 or IPv6. A service may use DNS SRV records to indicate such a preference for an address family. This way, a server with a high-latency and/or low-capacity IPv4 tunnel may indicate a preference for being contacted using IPv6. A server that wishes to do this can use the lowest SRV priority to publish hostnames that only resolve in IPv6 and the next priority with host names that resolve in both address families. When indicating address family preference through SRV, IPv4-only and/ or IPv6-only clients should be prepared to handle SRV record sets that don't resolve into an ip address in the address family used by that client. In such a case, the client should simply proceed to the next priority and try the hostnames in the alternate address family. 5. Security Considerations This document introduces two new normative procedures to the existing DNS procedures used to locate SIP servers. While both of these procedures are optimizations designed to improve the performance of dual-stack clients, neither introduces any new security considerations. The specific security vulnerabilities, attacks and threat models of the various protocols discussed in this document (SIP, DNS, SRV records, Happy Eyeballs requirements and algorithm, etc.) are well documented in their respective specifications. 6. IANA Considerations This document does not require any actions by IANA. 7. Acknowledgments The author would like to acknowledge the support and contribution of the SIP Forum IPv6 Working Group. This document is based on a lot of tests and discussions at SIPit events, organized by the SIP Forum. This document has benefited from the expertise and review feedback of many participants of the IETF DISPATCH and SIPCORE WG mailing lists as well as those on the SIP Forum IPv6 Task Group mailing list. The authors wish to specifically call out the efforts and express their gratitude for the detailed and thoughtful comments and corrections of Johansson & Salgueiro Expires October 27, 2014 [Page 5] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 Dan Wing, Brett Tate, Rifaat Shekh-Yusef, Carl Klatsky, Dale Worley, Mary Barnes, Keith Drage, Vijay Gurbani and Cullen Jennings. The authors also thank the SIPCORE WG chairs, Paul Kyzivat and Adam Roach, and assigned Area Director, Richard Barnes, for their support and thorough evaluation of this work. 8. References 8.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3263] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol (SIP): Locating SIP Servers", RFC 3263, June 2002. 8.2. Informative References [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002. [RFC4213] Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms for IPv6 Hosts and Routers", RFC 4213, October 2005. [RFC6157] Camarillo, G., El Malki, K., and V. Gurbani, "IPv6 Transition in the Session Initiation Protocol (SIP)", RFC 6157, April 2011. [RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with Dual-Stack Hosts", RFC 6555, April 2012. Authors' Addresses Olle E. Johansson Edvina AB Runbovaegen 10 Sollentuna SE-192 48 SE Email: oej@edvina.net Johansson & Salgueiro Expires October 27, 2014 [Page 6] Internet-Draft Locating SIP Servers in IPv4/IPv6 April 2014 Gonzalo Salgueiro Cisco Systems 7200-12 Kit Creek Road Research Triangle Park, NC 27709 US Email: gsalguei@cisco.com Johansson & Salgueiro Expires October 27, 2014 [Page 7]